stm32mp: cmd_stm32key: lock of PKH OTP after fuse
Lock the OTP value of key's hash after the command
$> stm32key fuse <address>
This operation forbids a second update of these OTP as they are
ECC protected in BSEC: any update of these OTP with a different value
causes a BSEC disturb error and the closed chip will be bricked.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
diff --git a/arch/arm/mach-stm32mp/cmd_stm32key.c b/arch/arm/mach-stm32mp/cmd_stm32key.c
index 2529139..c4cb634 100644
--- a/arch/arm/mach-stm32mp/cmd_stm32key.c
+++ b/arch/arm/mach-stm32mp/cmd_stm32key.c
@@ -39,8 +39,9 @@
return ret;
}
- for (i = 0; i < STM32_OTP_HASH_KEY_SIZE; i++) {
- word = STM32_OTP_HASH_KEY_START + i;
+ for (i = 0, word = STM32_OTP_HASH_KEY_START;
+ i < STM32_OTP_HASH_KEY_SIZE;
+ i++, word++, addr += 4) {
val = __be32_to_cpu(*(u32 *)addr);
if (print)
printf("Fuse OTP %i : %x\n", word, val);
@@ -50,8 +51,13 @@
log_err("Fuse OTP %i failed\n", word);
return ret;
}
-
- addr += 4;
+ /* on success, lock the OTP for HASH key */
+ val = 1;
+ ret = misc_write(dev, STM32_BSEC_LOCK(word), &val, 4);
+ if (ret != 4) {
+ log_err("Lock OTP %i failed\n", word);
+ return ret;
+ }
}
return 0;